Sign / Verify Messages using EdDSA - Examples in Python

After we explained in the previous section how the EdDSA signatures work, now it is time to demonstrate them with code examples. First, we shall demonstrated how to use Ed25519 signatures.

Ed25519 Signatures - Example

We shall use the Python library ed25519, which is based on the Bernstein's original optimized highly optimized C implementation of the Ed25519 signature algorithm (EdDSA over the Curve25519 in Edwards form):

pip install ed25519

Next, generate a private + public key pair for the Ed25519 cryptosystem, sign a sample message, and verify the signature:

The Ed25519 key pair is generated randomly: first a 32-byte random seed is generated, then the private key is derived from the seed, then the public key is derived from the private key. The hash function for key generation is SHA-512.

The Ed448 key pair is generated randomly. According to RFC 8032 the Ed448 private key is generated from 57-byte random seed, which is transformed to 57-byte public key using the SHAKE256(x, hash_len=114) hash function, along with EC point multiplication and the special key encoding rules for Ed448.

The private key is encoded as 114 hex digits (57 bytes). The public key is encoded also as 114 hex digits (57 bytes), in compressed form. In the above example the public key EC point is printed also in uncompressed format (x and y coordinates). The EdDSA-Ed448 signature {R, s} consists of 57 + 57 bytes (114 bytes, 228 hex digits).

Next, sign a sample message using the private key, and verify the signature using the public key after that: